In evolving technology, attacks on medical devices are optimized due to the driving force of AI, computer vision, mixed reality, and the internet of things (IoT). Optimizing cybersecurity on the internet of medical things (IoMT) and building cyber resiliency against crime-as-a-service (CaaS) in the healthcare ecosystem are challenging due to various attacks, including spectrum-level threats at the physical layer. Therefore, we conducted a systematic literature review to identify the research gaps and propose potential solutions to spectrum threats on IoMT devices. The purpose of this study is to provide an overview of the literature on wireless spectrum attacks. The papers we reviewed covered cyber impacts, layered attacks, attacks on protocols, sniffing attacks, field experimentation with cybersecurity testbeds, radiofrequency machine learning, and data collection. In the final section, we discuss future directions, including the sniffing attack mitigation framework in IoMT devices operating under a machine implantable communication system (MICS). To analyze the research papers about physical attacks against IoT in health care, we followed the Preferred Reporting Items for Systematic Reviews (PRISMA) guidelines. Scopus, PubMed, and Web of Science were searched for peer-reviewed articles, and we conducted a thorough search using these resources. The search on Scopus containing the terms “jamming attack” and “health” yielded 330 rows, and the investigation on WoS yielded 17 rows. The search terms “replay attack” and “health” yielded 372 rows in Scopus, while PubMed yielded 23 rows, and WoS yielded 50 articles. The search terms “side-channel attack” and “health” yielded 447 rows in Scopus, WoS yielded 30 articles, and the search terms “sniffing attack” and “health” yielded 18 rows in Scopus, while PubMed yielded 1 row, and WoS yielded 0 articles. The terms “spoofing attack” and “health” yielded 316 rows in Scopus, while PubMed yielded 5 rows, and WoS yielded 23 articles. Finally, the search terms “tampering attack” and “health” yielded 25 rows in Scopus, PubMed yielded 14 rows, and WoS yielded 46 rows. The search time frame was from 2003 to June 2022. The findings show a research gap in sniffing, tampering, and replay attacks on the IoMT. We have listed the items that were included and excluded and provided a detailed summary of SLR. A thorough analysis of potential gaps has been identified, and the results are visualized for ease of understanding.